[GTALUG] NAT [was Re: Linux hardening question]

Stewart C. Russell scruss at gmail.com
Tue Jul 4 21:03:36 EDT 2017


On 2017-07-03 08:56 AM, Russell via talk wrote:
> 
> It's open to everyone to generate or use a keysigning authority.

Unfortunately, that's a technical solution for a social problem: keys
and authorities need to be something a user (almost) never needs to
worry about. Mail clients need to come with relevant keys to verify most
other users' identity, or the uptake of secure e-mail will be too low to
reach critical mass.

I've worked with X.509-based signing in two very different domains, and
in each there have been deep problems that limit the value of the
process incredibly:

* in the construction industry, X.509-signed secure PDFs are used to
move final drawings and contractual communications (‘transmittals’)
around. Unfortunately, many of these are only verifiable within the
issuer's company or between members of the same trade associations, as
companies and associations act as signing authorities. Many users aren't
aware that scans of electronically signed documents are no longer
electronically signed.

* in amateur radio, the US hobbyist/lobby group ARRL maintains a full
X.509 infrastructure for secure collection and verification of radio
contest logs. The maintainers of this system (‘Logbook of the World’)
have done a lot to make the process simple, but there are still
roadblocks such as keys expiring every few years. It doesn't help that
the majority of radio hams who do radio contests are very
technologically conservative, and received wisdom has it that Logbook of
the World is hard to use and unreliable.

So while everyone could get secure keys, too few people do it to make
the process worthwhile.

cheers,
 Stewart

